CVE-2008-5420

CVSS 7.8 - HIGH
Description

The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files.

Affected Products
2
Vendor Product Version
emc control_center All versions
emc control_center 5.2
References
http://osvdb.org/50032
http://secunia.com/advisories/32801
http://securityreason.com/securityalert/4709
http://www.securityfocus.com/archive/1/498556/100/...
http://www.securityfocus.com/bid/32392
http://www.securitytracker.com/id?1021263
http://www.vupen.com/english/advisories/2008/3220
http://www.zerodayinitiative.com/advisories/ZDI-08...
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://osvdb.org/50032
http://secunia.com/advisories/32801
http://securityreason.com/securityalert/4709
http://www.securityfocus.com/archive/1/498556/100/...
http://www.securityfocus.com/bid/32392
http://www.securitytracker.com/id?1021263
http://www.vupen.com/english/advisories/2008/3220
http://www.zerodayinitiative.com/advisories/ZDI-08...
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
CWE-200
CVE Information
CVE ID:
CVE-2008-5420
Published:
2008-12-10
Modified:
2026-04-23
CVSS Score:
7.8
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N
Affected Vendors
emc
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL